A vulnerability was identified in the National Rail Live Departure Board gadget which rendered it vulnerable to a script injection attack that could potentially allow remote attackers to execute commands on the target system. An attacker successfully exploiting this vulnerability could execute arbitrary commands in the context of the current logged in user.

The Windows Vista operating system includes the “Windows Sidebar”. This feature allows users to display ‘gadgets’ on the Sidebar and on the Windows desktop. Gadgets are small applications which can be very flexible in design and function. They are managed by the Windows Sidebar and can be used for many purposes. The range of their functionality and sophistication is dependent upon the developer’s creativity and skill. Windows Vista includes various gadgets by default, such as a calendar, calculator, currency converter, etc.